Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
File:                     RNvjYmp2sEoSCIlwSViGPUJjLw8.mft (raw, json)
Hash identifier:          H2jaWt39yKbMNhBCoGguRxuSS7hcxpoSH5gQl8mwurA=
Subject key identifier:   6C:E7:89:12:B3:6E:78:28:BC:BD:71:44:83:1C:18:A4:52:32:30:EB
Authority key identifier: 44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F
Certificate issuer:       /CN=44dbe3626a76b04a120889704958863d42632f0f
Certificate serial:       019356BFB47E40674D2DFF3A7A22B06A7C13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
Manifest number:          0180
Signing time:             Sat 23 Nov 2024 02:00:24 +0000
Manifest this update:     Sat 23 Nov 2024 02:00:24 +0000
Manifest next update:     Sun 24 Nov 2024 02:00:24 +0000
Files and hashes:         1: RNvjYmp2sEoSCIlwSViGPUJjLw8.crl (hash: MX+eCFc2Ff0WqbCgVp5FkfBTogYuy9C85mFuwxlCu90=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 02:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:bf:b4:7e:40:67:4d:2d:ff:3a:7a:22:b0:6a:7c:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44dbe3626a76b04a120889704958863d42632f0f
        Validity
            Not Before: Nov 23 02:00:24 2024 GMT
            Not After : Nov 24 02:00:24 2024 GMT
        Subject: CN=6ce78912b36e7828bcbd7144831c18a4523230eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:ad:3c:c7:7e:82:a3:d1:31:64:db:1f:a9:6c:
                    c7:48:06:f3:ae:89:cb:22:cd:34:72:e7:35:81:ec:
                    b2:75:b5:21:40:79:de:ea:ec:5f:fb:94:aa:99:c6:
                    28:b6:bd:4d:be:ca:2a:05:ec:c7:2d:3c:0a:4c:63:
                    4a:31:be:7f:61:2d:d0:fa:cc:0b:2a:49:90:81:f0:
                    7a:3e:19:0c:58:cd:8e:25:c4:30:dd:72:60:16:4c:
                    32:4f:be:3e:65:8a:6f:7f:16:63:d8:cc:58:6f:b4:
                    54:a9:3b:1d:2a:49:f5:ae:70:a4:bb:8b:35:49:dd:
                    e0:56:70:e1:8c:39:b2:c0:64:25:e1:dd:89:6c:86:
                    65:cc:45:97:9b:0d:25:7a:0f:e0:b5:fc:e3:17:3b:
                    13:61:0f:a1:4a:78:c7:23:6c:90:73:4d:24:ef:20:
                    6e:23:64:da:db:7c:3b:a9:ad:47:42:4c:07:43:48:
                    c7:c6:ff:fa:94:98:de:06:0f:dd:72:c1:33:fa:6e:
                    d7:11:d3:2e:64:5a:b6:a2:ba:d2:55:c7:9f:79:1e:
                    4c:42:e8:2d:77:1b:7d:e0:ac:4f:87:1f:5c:2e:21:
                    6b:50:96:f6:07:45:a1:3b:8d:f7:56:ca:2b:f2:3a:
                    2c:a7:99:60:a0:f3:87:b1:c8:b3:41:74:da:1d:99:
                    1d:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:E7:89:12:B3:6E:78:28:BC:BD:71:44:83:1C:18:A4:52:32:30:EB
            X509v3 Authority Key Identifier:
                keyid:44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:5d:cc:d8:82:13:89:7b:2e:27:70:b6:63:d6:2f:5a:93:46:
         b5:3f:35:69:e0:c7:86:fe:40:27:30:aa:0b:0a:8a:3a:64:29:
         d7:b3:60:10:bb:a7:92:7b:4c:a0:1f:09:95:ff:87:8b:9a:4a:
         f5:b5:21:db:72:b0:24:3c:53:dc:70:2c:9f:da:96:e4:dd:19:
         13:4b:93:f3:ba:2a:d5:0e:a4:e8:39:7e:b1:88:95:ea:78:ed:
         f9:79:a9:f7:91:53:21:09:b8:22:88:f4:3b:8a:e9:cd:20:0f:
         cf:40:6b:e4:1d:67:b4:f5:dd:c5:13:72:98:3e:fe:bd:51:e8:
         eb:c4:db:f9:f6:b5:83:d8:86:e6:06:48:2f:ed:1c:d5:db:91:
         83:2e:6e:8f:51:0d:10:f8:38:29:ff:86:62:5e:16:20:53:ea:
         dc:14:83:d6:49:b2:f2:c8:de:ce:3e:cf:42:14:fb:f8:55:70:
         4c:33:21:4e:66:66:5e:a8:85:9a:e7:81:fb:c3:77:62:19:e8:
         f1:d0:d5:d8:7f:fc:c7:af:40:79:a3:e9:54:de:fa:0b:41:fd:
         93:d3:f8:d8:01:63:c4:0f:b2:8a:16:d3:73:6d:c2:b6:bb:7e:
         21:35:3b:17:d7:65:e3:5e:93:b0:1f:57:c1:41:4c:89:8e:d6:
         a0:5a:b5:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWv7R+QGdNLf86eiKwanwTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZGJlMzYyNmE3NmIwNGExMjA4ODk3MDQ5NTg4NjNkNDI2
MzJmMGYwHhcNMjQxMTIzMDIwMDI0WhcNMjQxMTI0MDIwMDI0WjAzMTEwLwYDVQQD
Eyg2Y2U3ODkxMmIzNmU3ODI4YmNiZDcxNDQ4MzFjMThhNDUyMzIzMGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi608x36Co9ExZNsfqWzHSAbzronL
Is00cuc1geyydbUhQHne6uxf+5SqmcYotr1NvsoqBezHLTwKTGNKMb5/YS3Q+swL
KkmQgfB6PhkMWM2OJcQw3XJgFkwyT74+ZYpvfxZj2MxYb7RUqTsdKkn1rnCku4s1
Sd3gVnDhjDmywGQl4d2JbIZlzEWXmw0leg/gtfzjFzsTYQ+hSnjHI2yQc00k7yBu
I2Ta23w7qa1HQkwHQ0jHxv/6lJjeBg/dcsEz+m7XEdMuZFq2orrSVcefeR5MQugt
dxt94KxPhx9cLiFrUJb2B0WhO433Vsor8josp5lgoPOHscizQXTaHZkdwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGzniRKzbngovL1xRIMcGKRSMjDrMB8GA1UdIwQY
MBaAFETb42JqdrBKEgiJcElYhj1CYy8PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDkt
ZGU4MWY5YWQ3NzljLzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDktZGU4MWY5YWQ3Nzlj
LzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjV3M2IIT
iXsuJ3C2Y9YvWpNGtT81aeDHhv5AJzCqCwqKOmQp17NgELunkntMoB8Jlf+Hi5pK
9bUh23KwJDxT3HAsn9qW5N0ZE0uT87oq1Q6k6Dl+sYiV6njt+Xmp95FTIQm4Ioj0
O4rpzSAPz0Br5B1ntPXdxRNymD7+vVHo68Tb+fa1g9iG5gZIL+0c1duRgy5uj1EN
EPg4Kf+GYl4WIFPq3BSD1kmy8sjezj7PQhT7+FVwTDMhTmZmXqiFmueB+8N3Yhno
8dDV2H/8x69AeaPpVN76C0H9k9P42AFjxA+yihbTc23Ctrt+ITU7F9dl416TsB9X
wUFMiY7WoFq1SQ==
-----END CERTIFICATE-----